To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), use Action | Hide Unlicensed Components. |
Configuration: The following tasks are available in the Configuration task list: | ||
Define and schedule purge jobs for deleting events from the production database. For more information, see Purging and Archiving your Change Auditor Database. |
||
View and manage all private search queries where alerting and/or reporting has been enabled. For more information, see Disable Private Alerts and Reports. |
||
For more information, see SQL Reporting Services Configuration. |
||
Define report layout templates which contain the header/footer information to be used in reports. |
||
Define who is authorized to use the various Change Auditor client features. For more information, see Change Auditor User Interface Authorization. |
||
Auditing: The Auditing task list is divided into separate lists that identify configuration tasks, forest-level tasks that are globally applied, tasks that define auditing for different applications, server-level tasks that must be assigned to an agent configuration, and tasks that define NAS device auditing. | ||
Configuration: Use the tasks under this heading to configure the audit events to be captured by Change Auditor and to define accounts that are to be included and excluded from auditing. | ||
Enable/disable event auditing and modify an event’s severity level or description. |
||
Forest: Use the tasks under this heading to define custom auditing definitions for your Active Directory forest. | ||
Define custom Active Directory object class auditing. For more information, see the Quest Change Auditor For Active Directory User Guide. |
||
Define custom Active Directory attribute auditing. For more information, see the Quest Change Auditor for Active Directory User Guide. |
||
For more information, see the Quest Change Auditor for Active Directory User Guide. |
||
Define the Active Directory containers that are to be included and excluded from AD query auditing. For more information, see the Quest Change Auditor for Active Directory Queries User Guide. |
||
Define Active Directory Federation Services auditing. For more information, see the Quest Change Auditor For Active Directory User Guide. |
||
Define the Active Directory database auditing. For more information, see the Quest Change Auditor For Active Directory User Guide. |
||
Define custom ADAM (AD LDS) object auditing. For more information, see the Quest Change Auditor for Active Directory User Guide. |
||
Define custom ADAM (AD LDS) attribute auditing. For more information, see the Quest Change Auditor for Active Directory User Guide. |
||
Applications: Use the tasks under this heading to define auditing for different types of applications within your environment. | ||
For more information, see the Quest Change Auditor for Exchange User Guide. |
||
For more information, see the Office 365 and Azure Active Directory Auditing User Guide. |
||
Create SQL Auditing templates to define the SQL instances and operations that are to be audited. Create SQL Data Level Auditing templates to define the operations that are to be audited. For more information, see the Quest Change Auditor for SQL Server User Guide. |
||
For more information, see the Quest Change Auditor for SharePoint User Guide. |
||
Server: Use the tasks under this heading to create auditing templates that can then be assigned to agent configurations to enable custom server-level auditing. | ||
Create File System Auditing templates to define the files/folders that are to be audited. For more information, see the Quest Change Auditor for Windows File Servers User Guide. |
||
Create Registry Auditing templates to define the registry keys and events that are to be audited. |
||
Create Service Auditing templates to specify the system services that are to be audited. |
||
NAS: Use the tasks under this heading to create auditing templates for NAS devices. For more information, see the Quest Change Auditor for NetApp User Guide, Quest Change Auditor for EMC User Guide, Quest Change Auditor for Fluid File System User Guide. | ||
Protection: The Protection task list is divided into separate task lists as well: one for forest-level tasks that are globally applied, one for tasks that define protection for applications, and another for server-level tasks that must be assigned to an agent configuration. To use Active Directory Protection templates, you must be logged in to Change Auditor with an account with Enterprise Admin privileges. | ||
Forest: Use the tasks under this heading to define global protection definitions for your Active Directory forest. For more information, see the Quest Change Auditor for Active Directory User Guide. | ||
Applications: Use the task under this heading to define global protection for your Exchange Mailbox application. For more information, see the Quest Change Auditor for Exchange User Guide. | ||
Use the task under this heading to create protection templates that can then be assigned to agent configurations to enable server-level protection. For more information, see the Quest Change Auditor for Windows File Servers User Guide. | ||
Using the Export and Import commands on the Action menu, you can export/ import the settings defined on the various Administration Tasks tabs. Selecting one of these commands allows you to select the configuration, auditing and protection settings to be exported/imported.
1 |
Open the Administration Tasks tab and click Action | Export. |
Select to export Change Auditor client feature authorizations. | |
Select to export any Excluded Accounts templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. | |
Select to export any custom Active Directory auditing definitions. | |
Select to export any custom Active Directory attribute auditing definitions. | |
Select to export any ADAM (AD LDS) attribute auditing definitions. | |
Select to export the Office 365 Exchange Online mailbox auditing list. | |
Select to export any SQL auditing templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. | |
Select to export any File System auditing templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. | |
Select to export any Registry auditing templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. | |
Select to export any Service auditing templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. | |
Select to export any File System protection templates. NOTE: When the Agent option is selected in the Configuration section of this dialog, this option is also selected and cannot be cleared. This is because this type of template must be assigned to an agent configuration in order to work properly. |
3 |
Click OK to export the selected settings into an XML file. |
4 |
On the Save Configuration dialog, select the location where the XML file is to be saved. By default, the name of the file is Change Auditor Configuration; however, you can change this in the File name field. Click Save. |
NOTE: A similar dialog appears when you use the Action | Import menu command. From this dialog, you can then select the configuration, auditing and protection settings to be imported. |
The default configuration consists of the following settings:
When the default configuration is modified, workstation agents will only receive these modifications when the polling interval determines there has been a change; clicking Refresh Configuration on the Agent Configuration page only pushes agent configuration changes out to server agents.
NOTE: The NetApp, EMC, SharePoint, and Office 365 auditing templates define which agents are used to capture events; however, these templates do not use the agent configurations from the Agent Configuration page as described in this section. See the Quest Change Auditor for NetApp User Guide, Quest Change Auditor for EMC User Guide, Quest Change Auditor for SharePoint User Guide, Office 365 and Azure Active Directory Auditing User Guide. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center